I don't think they publish pass percentages, but this is a fairly difficult exam. Unlike most others, technical knowledge alone won't get you through this. You really need to have the right mindset and be good at solving puzzles, organizing and correlating information, etc.

The course and course syllabus are merely a suggestion or a way to "point you in the right direction." There is quite a bit of outside research that you'll go through on your own. Don't get me wrong, the course materials are very valuable but its not a typical course/exam like you're probably used to.

This is a great course to aim for, but you need to have something to stand on when you get there. There are plenty of great sites out there with all kinds of hacking challenges as well as vulnerable VM's that you can download and test yourself on. This site as well as others have exercises to try as well. This is not like sitting and writing in memorized answers, it is a practical and will take more work to get ready for.

If you learn and understand the course and spend some time (meaning hacking) in the lab then you will be ok.Advanced programming skills are not really needed, just basic bash/python scripting is needed.

Welcome aboard ! The exam is pretty hardcore I thought but if you understand all the concepts enough and practice in the VPN labs, you should be able to get a passing score. It sounds like you have solid linux and networking experience, but PWB is a highly Offensive Attacking course. How are you pen testing skills? Have you used Metasploit, are you familiar with nmap, do you know how to perform Web App attacks, privilege escalation? Though the course will teach most of these, it's best to have experience doing/using these prior to walking in just to make sure your comfortable. What I listed off was of course a minor subset of the topics you'll cover.

I would even say just practicing as much as you can that is inside the PWB syllabus with VMs for a little bit would help you out. Lab time is so precious in the course. Being unfamiliar with some tools may take away from lab time when your having to research them. I would highly recommend going with the 90 days lab access just to make sure your fully prepped for the examination.

You don't need to be a good coder but even understanding the basics helps out. Dynamik's link is great to get you started with python, there's also this useful thread. Another great resource for you would be the OSCP Section here on the forum. This is great because there's 4 pages of information of folks who have taken the course, are getting ready for it, and have wanted similar suggestions like yourself. Here is my PWB v3 Review - I think it's a great read because I listed off some of my background prior to going in. Cd1zz's Review is also great.

Ultimately my main advice is although you fit the pre-reqs, I would get well familiar with the syllabus before officially signing up. Setup your own lab and practice in it! Learn some python. Purchase the 90 days just be make sure you'll be well prepped, and prepare for some pain (:

This is where, as noted, you'll have to be prepared to do a lot of Googling and outside research. OSCP teaches a lot, but they also rely on your abilities to dig and research (just as you would in a real pentest, in real-life.)

As for the syllabus, it'll give you an idea of what will be covered in the class, so that YOU can decide for yourself, whether or not you're ready, or you feel you need to brush up on some areas, before taking the class.

Good luck, and if more questions, ask away!

~ hayabusa ~

"All men can see these tactics whereby I conquer, but what none can see is the strategy out of which victory is evolved." - Sun Tzu, 'The Art of War'

If you consider yourself to be strong with *nix and networking, I honestly think you're in better shape than a lot of people when they start this one.

I wouldn't consider the syllabus to be prereqs (the course will teach you a lot along the way ), but if you see something on there where you feel like you're totally clueless, you should probably brush-up on that a bit before trying the course. You want to get the most out of the lab time you pay for, so you don't want to squander that learning how to perform basic activities. Aside from that, there aren't any time constraints, so if you get stuck, you can always branch out and study that item, and then return to the course at a later date. You may want to start with only 30 days lab time to get a taste of what it's like, and then add more whenever you feel ready. It'll be slightly more expensive if you go that route, but that might be better than having more time available before you're ready for it.

Metasploit can be kind of intimidating at first since it's probably unlike anything you've used in the past. However, it's really not bad at all once you get into it.

If you want to get started, just download BackTrack and load it up in a VM (Virtual Box, VMware Player or Workstation) along with a vulnerable distro (Metasploitable, Damn Vulnerable Linux) and start playing around.

Edit: I'm too slow for Hayabusa

Last edited by dynamik on Wed Dec 28, 2011 9:40 am, edited 1 time in total.

I'd say the same as dynamik said. If you are already that familiar with linux and networking, you shouldn't have too much troubles to get through it.

If you don't have any programming experience and don't know the very basic concepts such as loops etc. at all, you might want to spend some time on it prior of starting the course. This way you won't spend too much of your lab time to go through with such basic things and you can concentrate on the main topics. Otherwise it shouldn't be too hard to pick up those things during the course. Although programming is involved and it certainly helps if you can read some easy assembly instructions and adjust existing exploits to your needs (which is also covered in the course materials), it shouldn't be a problem to go through the course materials and eventually pass the exam.

You get 30/60/whatever calendar days. The clock unfortunately starts immediately with the course. I personally wish you could choose when to start it, so you could get a bit more familiar with the material first, but that was not an option the last time I checked.

I believe you'll need to pay for a retake, but I can't recall what the price is.

Yes, the retake will cost you only $60. No need to buy a lab extension. Although if you haven't got all machines in the lab and failed the exam, it might be worth to extend your lab time for 15 or 30 days.